Mozilla Uncovers Two Infected Add-ons, Issues Warning to Firefox Users
Add-ons are great because they allow us to customize the way the Firefox browser looks, and enhance the way the Firefox browser works. The large majority of users get their add-ons from Mozilla’s official site, addons.mozilla.org (referred to as AMO). Mozilla uncovered that two malicious add-ons managed to sneak their way onto the experimental section of AMO. These add-ons are: Sothink Web Video Downloader version 4.0 and Master Filer (all versions). Both add-ons contained Trojan code meant to infect Windows computers.
“Two experimental add-ons, Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer were found to contain Trojan code aimed at Windows users. Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose Trojan. Master Filer was downloaded approximately 600 times between September 2009 and January 2010. Version 4.0 of Sothink Web Video Downloader was downloaded approximately 4,000 times between February 2008 and May 2008. Master Filer was removed from AMO on January 25, 2010 and Version 4.0 of Sothink Web Video Downloader was removed from AMO on February 2, 2010,” said Mozilla.
Experimental add-ons are add-ons that have not undergone Mozilla’s public review process. To put it bluntly, Mozilla’s editorial team did not have the time to go over these add-ons. You can install an experimental add-on , put you do it at your own risk. In this case, if you installed one of the two malicious add-ons mentioned above, you would also install a Trojan on your computer. Getting rid of the Trojan is not as simple as uninstalling the add-on. You must use an antivirus program to scan your system and remove the Trojan – and any other infection.
Just because Mozilla did not go over an add-on with a fine comb, this is not to say it does not check for malware when accepting new add-ons. Mozilla uses several anti-malware scanning tools, but it would seem these two add-ons somehow managed to evade the malware detection tools.
“These were not originally detected with the anti-malware scanning tools that we have been using. We have since increased the number of scanning tools, and will be taking additional steps to minimize the risk of further incidents,” said Mozilla.
The bottom line is this; if you installed one of the two add-ons mentioned above, you need to uninstall them immediately. Then you need to use an antivirus program to scan your system and remove any infection. The recently released Avast! Free Antivirus 5 for example can and will remove any infection brought on by these malicious add-ons.
“Two experimental add-ons, Version 4.0 of Sothink Web Video Downloader and all versions of Master Filer were found to contain Trojan code aimed at Windows users. Version 4.0 of Sothink Web Video Downloader contained Win32.LdPinch.gen, and Master Filer contained Win32.Bifrose.32.Bifrose Trojan. Master Filer was downloaded approximately 600 times between September 2009 and January 2010. Version 4.0 of Sothink Web Video Downloader was downloaded approximately 4,000 times between February 2008 and May 2008. Master Filer was removed from AMO on January 25, 2010 and Version 4.0 of Sothink Web Video Downloader was removed from AMO on February 2, 2010,” said Mozilla.
Experimental add-ons are add-ons that have not undergone Mozilla’s public review process. To put it bluntly, Mozilla’s editorial team did not have the time to go over these add-ons. You can install an experimental add-on , put you do it at your own risk. In this case, if you installed one of the two malicious add-ons mentioned above, you would also install a Trojan on your computer. Getting rid of the Trojan is not as simple as uninstalling the add-on. You must use an antivirus program to scan your system and remove the Trojan – and any other infection.
Just because Mozilla did not go over an add-on with a fine comb, this is not to say it does not check for malware when accepting new add-ons. Mozilla uses several anti-malware scanning tools, but it would seem these two add-ons somehow managed to evade the malware detection tools.
“These were not originally detected with the anti-malware scanning tools that we have been using. We have since increased the number of scanning tools, and will be taking additional steps to minimize the risk of further incidents,” said Mozilla.
The bottom line is this; if you installed one of the two add-ons mentioned above, you need to uninstall them immediately. Then you need to use an antivirus program to scan your system and remove any infection. The recently released Avast! Free Antivirus 5 for example can and will remove any infection brought on by these malicious add-ons.
